CVE-2022-35293 Information

Description

Due to insecure session management SAP Enable Now allows an unauthenticated attacker to gain access to user’s account. On successful exploitation an attacker can view or modify user data causing limited impact on confidentiality and integrity of the application.

Reference

https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html https://launchpad.support.sap.com/#/notes/3210566